GROUP AUDITS ISSUES AND WORKING GROUP VIEWS

Transcription

1 IAASB CAG Public Session (September 2016) Agenda Item G.3 GROUP AUDITS ISSUES AND WORKING GROUP VIEWS Objective of the IAASB Discussion The objective of the discussion is to obtain the IAASB Consultative Advisory Group (CAG) Representatives and Observers input on the approach to scoping a group audit. The input from the CAG Representatives and Observers on this matter will help inform the development of the group audits project proposal for discussion with the CAG on its teleconference in November 2016, and presentation to the IAASB at its December 2016 meeting. In particular, the input provided by the CAG Representatives and Observers will assist the Group Audits Working Group (GAWG) in moving forward on matters relating to group audits, including the assessment of the nature and extent of necessary revisions to ISA 600. Introduction 1. A high-level summary of the responses to the IAASB s Invitation to Comment (ITC), Enhancing Audit Quality in the Public Interest: A Focus on Professional Skepticism, Quality Control and Group Audits, as well as the proposed way forward on the various projects, including group audits, is set out in Agenda Item G.1. That paper sets out the interactions between the projects on quality control and group audits, and the Enhancements Group s views on possible actions for a way forward, including the prioritization of the crossover issues (see paragraph 62 of Agenda Item G.1). 2. This paper discusses the approach to scoping a group audit, including a more detailed analysis of the relevant responses to the ITC, in particular the specific responses to question 7(b) relating to the approach to scoping a group audit, but also from other relevant responses. The list of respondents and their acronyms can be found in Appendix 1 of Agenda Item G.1. The Approach to Scoping a Group Audit Background 3. Audit risk in a group audit encompasses the possibility that a misstatement at the component level, or across components, is not detected and may therefore result in an inappropriate audit opinion being expressed when the group financial statements are materiality misstated. 4. Extant ISA requires the auditor to design and implement appropriate responses to address the risks of material misstatement to the group financial statements that may exist in the financial information of components, whether components are considered significant or non-significant. 2 ISA 600 requires specific approaches to the financial information of components that are significant due to their financial significance, or because the component is likely to include significant risks of material misstatement of the group financial statements due to its specific nature or circumstances (i.e., ISA 600 requires that the financial information of financially significant components be audited using component materiality and for components that are significant due to risk, either the component should be audited using component materiality or procedures as specified in the standard should be 1 ISA 600, Special Considerations Audits of Group Financial Statements (Including the Work of Component Auditors) 2 ISA 600, paragraph 24 Prepared by: Bev Bahlmann (August 2016) Page 1 of 6

2 undertaken). 3 For components that are not considered significant, the group engagement team is required to perform analytical procedures at the group level. 4 However, in certain circumstances the group engagement team may need to perform, or request that a component auditor perform, procedures as specified by the standard on non-significant components. 5 Responses to the ITC 5. In the ITC, it was noted that scoping an audit based on the identification of components (and on whether they are determined to be significant or not) is sometimes challenging and may not always result in an appropriate top-down approach to identifying, assessing and responding to risks of material misstatement at the group financial statement level. Respondents suggested that in addition to better linking ISA 600 to the other ISAs relevant to the identification, assessment and development of responses to risks of material misstatement, 6 consideration should be given to further strengthening ISA 600 by placing more emphasis on the scoping process in determining that the risks of material misstatement of the group financial statements are properly considered and addressed. 6. One regulator and audit oversight authority 7 encouraged further consideration of the mechanism for scoping a group audit in ISA 600. This respondent noted that focusing the primary determination of the necessary work effort on the basis of whether components are considered significant or not, and on the risk assessment of, primarily, significant components may not always result in an appropriate top-down approach to the assessment of the risks of material misstatement at the group financial statement level in accordance with the principles of ISA 315 (Revised). It was also noted that the existing approach based on identifying components and determining their significance may inadvertently emphasize a bottom-up approach to planning the audit. As a result, the responses to those risks, even if correctly determined in accordance with ISA 330, may not be appropriate or adequate in the circumstances. It was added that the emphasis should be more on a top-down approach based on understanding the group and its environment and an assessment of risks to the group financial statements. Others did not specifically comment on the scoping of the group audit engagement, but commented more generally as follows: One monitoring group (MG) member 8 agreed that that it is necessary to clarify, and potentially expand on, how a group engagement team is expected to apply the requirements in the standards related to identifying and assessing the risks of material misstatement (including in relation to fraud), and responding to those risks. Another member of the MG 9 encouraged the IAASB to develop a robust framework for determining the scope of work with respect to components and the extent of involvement of the group auditor in the work performed by others, in particular component auditors. However, 3 ISA 600, paragraphs 26 and 27 4 ISA 600, paragraph 28 5 ISA 600, paragraph 29 6 ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment, ISA 240, The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements and ISA 330, The Auditor s Responses to Assessed Risks 7 Other Regulators and Audit Oversight Authorities: UKFRC 8 MG: IOSCO 9 MG: IFIAR Page 2 of 6

3 the IAASB was cautioned to consider the broader implications and unintended consequences that a more flexible approach might have. The application of ISA 600 merits further enhancement in order to ensure that its requirements sufficiently address the challenges of the current environment in a group audit, 10 including addressing that sufficient appropriate procedures are performed to support the audit opinion Accounting firms who addressed this issue in their responses generally supported exploring a more top-down approach to scoping a group audit engagement. 12 However, the firms differed in how a topdown approach might be incorporated: Two accounting firms 13 had the view that the scoping of a group audit engagement should include a combination of focusing on assessing risks of material misstatement existing in a group, as well as considering significant and non-significant components. These respondents believed this vertical and horizontal view would better facilitate and support responding to the risks of material misstatement, and in turn the auditor s opinion on the group financial statements. It was noted that the current approach (i.e., the vertical approach, or approach based on identification of components and determination of their significance) was still likely to be very effective for some group structures and should therefore not be lost in any revisions. Two other accounting firms 14 recommended consideration be given to a more principles-based approach and does not necessarily focus on conceptual restrictions on multi-location entities that do not necessarily meet the definition of a group, or aspects of which do not meet the definition of component. 8. One accounting firm 15 agreed that the approach to scoping a group audit needed to be sufficiently flexible to accommodate the range of different organizational structures and not inhibit effective approaches to the audit through unduly prescriptive requirements. This accounting firm added that the focus of the revisions to ISA 600 need to be centered on whether the group audit engagement team has obtained sufficient appropriate audit evidence as a basis for its opinion, rather than excess prescription in the process to be followed in obtaining that evidence. 9. Another accounting firm 16 had the view that the overall principles within the existing ISA 600 are sound and do not need significant alteration at this stage. This respondent did however note that additional guidance with respect to identification of a component and various other matters related to evolving circumstances of groups was needed. 10 Other Regulators and Audit Oversight Authorities: EBA, UKFRC 11 Other Regulators and Audit Oversight Authorities: MAOB 12 Accounting Firms: BDO, DTT, EYG, GT, KPMG 13 Accounting Firms: DTT, EYG 14 Accounting Firms: GT, KPMG 15 Accounting Firms: PwC 16 Accounting Firms: RSM Page 3 of 6

4 10. National standard setters (NSS) had varying views: Limited support 17 for scoping the audit based on identifying and assessing the risks of material misstatement for the group as a whole. However, there was caution that making changes to incorporate this approach as opposed to the current approach that is focused on the identification of components, and assessment of their significance, would be a holistic change, and that careful consideration of the resultant cost / benefit would be necessary. One NSS 18 had the view that scoping of a group audit and the determination of work necessary at the component level needs to use a combination of a top-down and bottom-up approach. This approach would ensure that risks from a group perspective and those identified at the component level are considered as appropriate. One NSS 19 had the view that both risk assessment and component significance needed to be retained as relevant considerations. This respondent noted that risk assessment at the group level is a key aspect in determining whether a particular component is significant. One NSS 20 had the view that the current approach of identifying significant components, based on financial significance or because there may be a risk of material misstatement, is still valid. Other stakeholder groups did not specifically comment on this aspect of group audits. 11. There were also numerous responses that highlighted the need to strengthen the link between ISA 600 and ISA 315 (Revised) 21 (i.e., assessing risks for the group as a whole in accordance with ISA 315 (Revised)), with some respondents noting specific areas for consideration, such as the requirements related to obtaining an understanding of internal control relevant to the financial reporting process. 22 The GAWG Views on the Way Forward 12. Based on the responses and further discussions of the GAWG, the GAWG is of the view that exploring a more robust approach to scoping a group audit is warranted. Subject to IAASB CAG and IAASB feedback, the GAWG intends to further explore a better articulation of a risk-based approach to the scoping of a group audit, including the work to be done at the component level. This will include more focus on identifying and assessing risks at the group level and determining that the planned scope of work adequately responds to those risks, rather than the current approach whereby the scope of the work is driven primarily by the identification of components and determination of their significance. The GAWG has the view that such a more robust approach will help address the challenges and concerns raised that scoping the work effort based on the identification of components will not always result in the risks of material misstatement at the group level being the 17 NSS: MICPA, NBA 18 NSS: AUASB 19 NSS: IDW 20 NSS: JICPA 21 Other Regulators and Audit Oversight Authorities: UKFRC; NSS: CAASB, NZAuASB; Accounting Firms: GTI, KPMG; Public Sector: AGC, GAO, INTOSAI 22 MG: IAIS Page 4 of 6

5 primary driver for scoping the work. Furthermore, this approach will more closely align ISA 600 with the principles in ISA 315 (Revised) (i.e., the top down approach ). 13. In its considerations about the most appropriate changes to make, the GAWG is mindful of the importance of developing or enhancing requirements and guidance that will better illustrate or support the application of ISA 600 and the risk model to a wide variety of group structures. 14. The GAWG agrees with respondents who had noted that understanding the entity s operational structure, including as appropriate, significant or non-significant components, remains critical to the auditor s overall group audit strategy and group audit plan. In particular, in identifying and assessing the risks of material misstatement at the group financial statement level and in developing appropriate responses, the corresponding work effort will, in many cases, most appropriately be undertaken at the component level. In linking the determination of the work to be done at the component level more closely with the risks identified at the group level, the group engagement team would be able to more appropriately direct the work to be done at the component level that is necessary to support the group audit opinion. 15. The GAWG believes that ISA 600 should be structured to help group engagement teams focus on determining that appropriate audit procedures are planned and performed to address the risks of material misstatement related to those balances and disclosures that are material to the group financial statements. Enhancements to ISA 600 could be incorporated to focus on the auditor s evaluation as to whether and how the risks are addressed through work done at the group level by the group engagement team and through work done at the component level by component auditors. This approach would also provide a more structured way to assess the appropriateness of the scoping of the group audit (i.e., through considering both the identification of components and determination of their significance, but also through assessing whether and how the risks at the group level are addressed). 16. A more robust approach to the scoping of a group audit would also provide a framework for further exploration of the nature of the work to be done by component auditors and to address many of the issues highlighted in the ITC and the calls from respondents for clarification and more guidance. For example, under a more top-down approach to group audit scoping, it would become clear as to which risks and related account balances would be audited in the aggregate or at a group level by the group engagement team, and also how that work would be relevant to determining whether incremental work would be necessary at the component level, and if so, what that would entail. 17. More robust communications 23 (between the group engagement team and the component auditors) will also help the group engagement team better understand how the risks to the group financial statements have been addressed at the component level and also whether there are other risks to the group financial statements arising out of matters identified by component auditors. 18. Revisiting the approach to scoping the group audit engagement and being more focused on incorporating a robust top-down approach is, in the view of the GAWG, responsive to the responses to the ITC, and is expected to help facilitate and support the auditor s conclusion that sufficient appropriate audit evidence has been obtained, thereby improving the quality of group audits. 23 As part of a project to revise ISA 600, it is intended that consideration will be given to more robust two-way communications between the group engagement team and the component auditors. Page 5 of 6

6 Matters for IAASB CAG Consideration 1. CAG Representatives and Observers are asked whether: (a) (b) They agree with aligning ISA 600 more directly with ISA 315 (Revised), and in the manner explained above? The approach of identifying components and evaluating their significance should be retained as a foundational aspect of the approach to scoping a group audit? If not, why not? 2. Are there any other matters that the GAWG should consider in moving forward related to its deliberations regarding the scoping of a group audit engagement? Page 6 of 6